Site Map - skip to main content

Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes Monday through Friday.

hpr2138 :: Hack the Box with Bandit

NYbill talks about a Linux 'War Game' called Bandit.

<< First, < Previous, Latest >>

Host Image
Hosted by NYbill on Wednesday 2016-10-12 is flagged as Clean and is released under a CC-BY-SA license.
Tags: Linux,wargame,Bandit.

Listen in ogg, spx, or mp3 format. | Comments (1)

NYbill talks about a Linux ‘War Game’ called Bandit.

https://overthewire.org/wargames/bandit/

Show Transcript

Automatically generated using whisper

whisper --model tiny --language en hpr2138.wav

<< First, < Previous, Latest >>

Comments

Subscribe to the comments RSS feed.

Comment #1 posted on 2016-10-25T06:29:02Z by Krayon

Good fun!

NYBill,

Thanks for the episode, I always love these little games. This one is indeed
focused at beginners but can still be a bit of fun.

I only just started trying it out so I'm only up to level 16. Haven't come
across any challenge yet except the constant password typing :P

I created an extremely over-engineered lil' bashrc to ease typing a bit. With
it, once you've got the password, you simply type:
sshnext

And then paste the password.

It copies itself each level to ensure only people of your level can screw with
your stuff and to give you a working directory if you need one.

One need only (as bandit0) choose a base name for the directories (CHANGE_ME
here) and create the directory /tmp/CHANGE_ME.bandit0/ and the file
/tmp/CHANGE_ME.bandit0/.bashrc, containing:

set -o vi

echo "Setting aliases"
alias rot13='tr "[a-mn-zA-MN-Z]" "[n-za-mN-ZA-M]"'

# In bash >= 3, BASH_SOURCE will tell us who we are
medir="${BASH_SOURCE%/*}"
dbase="${medir%.*}"
wd="${dbase}.${USER}"

game="${USER//[0-9]/}"
curr="${USER//[a-z]/}"

last="$((${curr} - 1))"
next="$((${curr} + 1))"

unext="${game}${next}"

dlast="${dbase}.${game}${last}"

# Create this file as the new user
[ ! -d "${wd}" ] && {
cp -a "${dlast}" "${wd}" && echo "Created ${wd}"
}

unset medir base game curr last next dlast

echo "Working Directory: \$wd == ${wd}"

function sshnext() {
global wd unext

ssh -t \
-o "UserKnownHostsFile /dev/null" \
-o "StrictHostKeyChecking no" \
${unext}@localhost \
bash --rcfile "${wd}/.bashrc" \
-i
}

<< First, < Previous, Latest >>

Leave Comment

Note to Verbose Commenters
If you can't fit everything you want to say in the comment below then you really should record a response show instead.

Note to Spammers
All comments are moderated. All links are checked by humans. We strip out all html. Feel free to record a show about yourself, or your industry, or any other topic we may find interesting. We also check shows for spam :).

Provide feedback
Your Name/Handle:
Title:
Comment:
Anti Spam Question: What does the P in HPR stand for ?
Are you a spammer →
Who hosted this show →
What does HPR mean to you ?